CVE-2025-60800: n/a
Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.
AI Analysis
Technical Summary
CVE-2025-60800 is a vulnerability identified in the jshERP software, specifically in the /jshERP-boot/user/info interface. The root cause is incorrect access control, classified under CWE-284, which allows attackers to bypass authorization mechanisms. An attacker can send a specially crafted GET request to this endpoint and retrieve sensitive user information without authentication or user interaction. The vulnerability affects all versions of jshERP up to commit 90c411a, although exact version numbers are not specified. The CVSS v3.1 score is 7.5 (high), reflecting a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality (C:H) with no impact on integrity (I:N) or availability (A:N). This means the vulnerability can be exploited remotely by unauthenticated attackers to disclose sensitive data, potentially including user personal details or system information, depending on what the interface exposes. No patches or known exploits are currently reported, but the vulnerability poses a significant risk if weaponized. The lack of authentication requirement and ease of exploitation make this a critical concern for organizations relying on jshERP for enterprise resource planning functions.
Potential Impact
For European organizations, the primary impact is unauthorized disclosure of sensitive information, which could include personal data protected under GDPR, leading to regulatory penalties and reputational damage. Confidentiality breaches could facilitate further attacks such as social engineering, identity theft, or lateral movement within networks. Since the vulnerability does not affect integrity or availability, direct disruption of services or data manipulation is unlikely. However, the exposure of sensitive user info can undermine trust and compliance efforts. Organizations in sectors like manufacturing, logistics, and services that use jshERP for resource planning and user management are particularly vulnerable. The ease of exploitation without authentication increases the risk of widespread scanning and data harvesting by threat actors. This could also attract cybercriminals targeting European companies for espionage or financial gain. The absence of known exploits currently provides a window for proactive mitigation before active exploitation occurs.
Mitigation Recommendations
1. Immediately review and restrict access controls on the /jshERP-boot/user/info endpoint to ensure only authorized users can retrieve sensitive information.
2. Implement authentication and authorization checks server-side to validate user permissions before disclosing any data.
3. Monitor web server logs for unusual or repeated GET requests targeting this endpoint to detect potential exploitation attempts.
4. Apply network-level protections such as Web Application Firewalls (WAFs) with custom rules to block unauthorized access to the vulnerable interface.
5. Engage with the jshERP vendor or development team to obtain or develop patches addressing this access control flaw.
6. Conduct internal audits of user data exposure and review compliance with data protection regulations like GDPR.
7. Educate IT and security teams about this vulnerability and incorporate it into incident response plans.
8. Limit public exposure of the jshERP management interfaces by using VPNs or IP whitelisting where feasible.
9. Regularly update and patch ERP software components to prevent exploitation of known vulnerabilities.
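As an added example for the log-monitoring recommendation above (this is illustrative code, not part of the advisory or the jshERP project), a small Python detector that parses common-format web access-log lines, groups GET requests to /jshERP-boot/user/info by client address, reports how many of them received a 2xx response (meaning data was actually returned) and flags clients whose requests arrive in bursts. The sample log lines are constructed, and the burst threshold and time window are assumed tuning values.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
# Endpoint from the advisory; threshold and window are assumed tuning values for this example.
TARGET_PATH = "/jshERP-boot/user/info"
THRESHOLD = 3                  # this many GETs to the endpoint from one client ...
WINDOW = timedelta(minutes=5)  # ... inside one sliding window is treated as a burst
# Common/combined access-log line: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})')
# Constructed sample log (documentation-range addresses, not real clients).
SAMPLE_LOG = """\
203.0.113.7 - - [28/Oct/2025:17:38:52 +0000] "GET /jshERP-boot/user/info HTTP/1.1" 200 512
203.0.113.7 - - [28/Oct/2025:17:38:53 +0000] "GET /jshERP-boot/user/info HTTP/1.1" 200 512
203.0.113.7 - - [28/Oct/2025:17:38:55 +0000] "GET /jshERP-boot/user/info HTTP/1.1" 200 512
198.51.100.4 - - [28/Oct/2025:17:40:01 +0000] "GET /jshERP-boot/user/info HTTP/1.1" 401 87
192.0.2.9 - - [28/Oct/2025:17:41:12 +0000] "POST /jshERP-boot/user/info HTTP/1.1" 405 0
""".splitlines()

def parse_line(line):
    """Parse one access-log line into a dict; return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["path"] = rec["path"].split("?", 1)[0]  # ignore any query string when matching
    rec["status"] = int(rec["status"])
    return rec

def scan_access_log(lines, threshold=THRESHOLD, window=WINDOW):
    """Per client IP: GETs to TARGET_PATH, how many got a 2xx (data was returned),
    and whether `threshold` hits fell inside one `window` (a burst)."""
    per_ip = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["method"] == "GET" and rec["path"] == TARGET_PATH:
            per_ip[rec["ip"]].append((rec["ts"], rec["status"]))
    report = {}
    for ip, events in per_ip.items():
        events.sort()
        burst, start = False, 0
        for end in range(len(events)):  # two-pointer sliding window over sorted timestamps
            while events[end][0] - events[start][0] > window:
                start += 1
            burst = burst or end - start + 1 >= threshold
        report[ip] = {"hits": len(events), "burst": burst,
                      "success": sum(1 for _, s in events if 200 <= s < 300)}
    return report
```

A client with a high `success` count deserves the same attention as a burst: each 2xx is a response in which the endpoint returned data, regardless of request rate.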
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2025-09-26T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 6900ffacc2498ce55d2bf488
Added to database: 10/28/2025, 5:38:52 PM
Last enriched: 11/5/2025, 2:10:20 AM
Last updated: 12/14/2025, 12:16:51 AM